Advanced Probabilistic Couplings for Differential Privacy


  1. Advanced Probabilistic Couplings for Differential Privacy. Gilles Barthe, Noémie Fong, Marco Gaboardi, Benjamin Grégoire, Justin Hsu, Pierre-Yves Strub. October 25, 2016

  2. A new approach to formulating privacy goals: "the risk to one’s privacy, or in general, any type of risk . . . should not substantially increase as a result of participating in a statistical database. This is captured by differential privacy." — Cynthia Dwork

  3. Increasing interest: in research . . . and beyond

  6. Dwork, McSherry, Nissim, and Smith
  Let $\epsilon, \delta \ge 0$ be parameters, and suppose there is a binary adjacency relation $\mathrm{Adj}$ on $D$. A randomized algorithm $M : D \to \mathrm{Distr}(R)$ is $(\epsilon, \delta)$-differentially private if for every set of outputs $S \subseteq R$ and every pair of adjacent inputs $d_1, d_2$, we have
  $$\Pr_{x \sim M(d_1)}[x \in S] \;\le\; \exp(\epsilon) \cdot \Pr_{x \sim M(d_2)}[x \in S] + \delta.$$
  How to formally verify?
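The definition quantifies over every output set $S$, which looks uncheckable, but for a mechanism with a finite output space the worst $S$ has a closed form. The following checker is an added example, not code from the slides or from the authors' tools: it computes the smallest $\delta$ for which the inequality holds at a given $\epsilon$, and exercises it on two standard mechanisms (randomized response, and a count query with two-sided geometric noise clamped to the valid range). The mechanism parameters and the adjacent inputs are assumptions chosen for the demonstration.

```python
"""Exact (epsilon, delta)-DP check for mechanisms with finite output space.

Added example, not from the slides.  Pr_mu1[S] - exp(eps) * Pr_mu2[S] is
additive over outputs, so it is maximised by S* = {x : mu1(x) > exp(eps) mu2(x)}
and the maximum is exactly the smallest delta that makes the definition hold.
The mechanisms below are standard; their parameters are assumptions.
"""
import math
from typing import Dict, Hashable, Set, Tuple

Dist = Dict[Hashable, float]


def min_delta(mu1: Dist, mu2: Dist, eps: float) -> Tuple[float, Set[Hashable]]:
    """Smallest delta with Pr_mu1[S] <= exp(eps) Pr_mu2[S] + delta for all S,
    together with the witness set S* that attains it."""
    scale = math.exp(eps)
    outputs = set(mu1) | set(mu2)
    worst = {x for x in outputs if mu1.get(x, 0.0) > scale * mu2.get(x, 0.0)}
    delta = sum(mu1.get(x, 0.0) - scale * mu2.get(x, 0.0) for x in worst)
    return max(delta, 0.0), worst


def is_dp(mu1: Dist, mu2: Dist, eps: float, delta: float, tol: float = 1e-12) -> bool:
    """The definition quantifies over *every* adjacent pair, and adjacency is
    symmetric, so both orders of the pair have to be checked."""
    return (min_delta(mu1, mu2, eps)[0] <= delta + tol
            and min_delta(mu2, mu1, eps)[0] <= delta + tol)


def randomized_response(bit: int, p: float = 0.75) -> Dist:
    """Report the true bit with probability p, the flipped bit otherwise.
    With p = 3/4 the likelihood ratio is 3, so this is ln(3)-DP."""
    return {bit: p, 1 - bit: 1.0 - p}


def clamped_geometric_count(count: int, n: int, eps: float) -> Dist:
    """Count query over n rows with two-sided geometric noise
    Pr[noise = k] = (1-a)/(1+a) * a^|k|, a = exp(-eps), clamped to [0, n].

    Clamping is post-processing, so it must not cost privacy.  The tails that
    fall outside [0, n] are folded onto the endpoints using the exact tail
    Pr[noise >= m] = a^m / (1 + a) for m >= 0 (and symmetrically below).
    """
    assert n >= 1 and 0 <= count <= n
    a = math.exp(-eps)
    pmf = {j: (1 - a) / (1 + a) * a ** abs(j - count) for j in range(1, n)}
    pmf[0] = a ** count / (1 + a)          # Pr[count + noise <= 0]
    pmf[n] = a ** (n - count) / (1 + a)    # Pr[count + noise >= n]
    return pmf


def demo() -> Dict[str, float]:
    """Adjacent inputs differ in one row: a flipped bit, or a count off by one."""
    rr0, rr1 = randomized_response(0), randomized_response(1)
    eps_rr = math.log(3)
    eps_geo = 0.5
    c3, c4 = clamped_geometric_count(3, 10, eps_geo), clamped_geometric_count(4, 10, eps_geo)
    return {
        "rr_at_ln3": min_delta(rr0, rr1, eps_rr)[0],        # ~0: exactly ln(3)-DP
        "rr_at_half_ln3": min_delta(rr0, rr1, eps_rr / 2)[0],  # > 0: needs delta
        "geo_at_eps": min_delta(c3, c4, eps_geo)[0],        # ~0: clamping is free
        "geo_at_half_eps": min_delta(c3, c4, eps_geo / 2)[0],  # > 0
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: smallest delta = {value:.6f}")
```

The two "half epsilon" rows show what the slide's $\delta$ buys: when $\epsilon$ is too small for the likelihood ratio, the definition can still be met by paying a concrete, computable $\delta$. For the clamped geometric count at half the budget the witness set is every output at or below the true count, and the required $\delta$ is $(1 - e^{-\epsilon/2}) \cdot \Pr[\text{noise} \le 0]$.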

  8. Differential privacy is a relational property of probabilistic programs.

  9. Composition properties
  Program is $(\epsilon + \epsilon', \delta + \delta')$-private.
  Formally: consider randomized algorithms $M : D \to \mathrm{Distr}(R)$ and $M' : R \to D \to \mathrm{Distr}(R')$. If $M$ is $(\epsilon, \delta)$-private and for every $r \in R$, $M'(r)$ is $(\epsilon', \delta')$-private, then the composition
  $$r \overset{\$}{\leftarrow} M(d);\; \mathit{res} \overset{\$}{\leftarrow} M'(r, d);\; \mathbf{return}(\mathit{res})$$
  is $(\epsilon + \epsilon', \delta + \delta')$-private.

  11. When privacy follows from composition (linear types, refinement types, self products, relational Hoare logics, . . . )

  13. When privacy doesn’t follow from composition

  14. Complicated privacy proofs — Lyu, Su, Dong. How to verify these proofs?

  16. Recent progress (2016)
  Differential privacy ≈ Approximate couplings
  Approximate couplings ≈ Proofs in the logic apRHL
  Only proofs beyond composition for $(\epsilon, 0)$-privacy

  19. Enhance the logic: new coupling constructions ⇓ new proof rules ⇓ richer formal proofs of privacy

  20. Our work: formal privacy proofs with: accuracy-dependent privacy; advanced composition; adaptive inputs

  22. A crash course: the program logic apRHL [BKOZB]
  Imperative language with random sampling: $x \overset{\$}{\leftarrow} \mathcal{L}_\epsilon(e)$
  approximate probabilistic Relational Hoare Logic, with judgments
  $$\vdash \{\Phi\}\; c_1 \sim_{(\epsilon,\delta)} c_2\; \{\Psi\}$$
  where the pre- and postconditions $\Phi$, $\Psi$ are non-probabilistic, relational assertions (e.g. $x_1 = x_2$) and $(\epsilon, \delta)$ is a numeric index.

  26. Approximate couplings [BKOZB, BO]
  Definition. Let $R \subseteq A \times A$ be a relation and $\epsilon, \delta \ge 0$. Two distributions $\mu_1, \mu_2 \in \mathrm{Distr}(A)$ are related by an $(\epsilon, \delta)$-approximate coupling with support $R$ if there exist $\mu_L, \mu_R \in \mathrm{Distr}(A \times A)$ with:
  ◮ support in $R$;
  ◮ $\pi_1(\mu_L) = \mu_1$ and $\pi_2(\mu_R) = \mu_2$;
  ◮ for every $S \subseteq A \times A$, $\Pr_{z \sim \mu_L}[z \in S] \le \exp(\epsilon) \cdot \Pr_{z \sim \mu_R}[z \in S] + \delta$.
  Write: $\mu_1 \mathrel{R^{\sharp(\epsilon,\delta)}} \mu_2$.
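A worked instance of this definition, added here and not part of the slides: the shift coupling of two Laplace samples, which is the kind of coupling a Laplace sampling rule in apRHL packages. It assumes, as is standard in the apRHL literature but not stated on this page, that $\mathcal{L}_\epsilon(e)$ is the Laplace distribution centred at $e$ with scale $1/\epsilon$, i.e. density $\frac{\epsilon}{2}\exp(-\epsilon|x - e|)$, and that the shift $k$ is an arbitrary fixed real.

Let $\mu_1 = \mathcal{L}_\epsilon(e_1)$, $\mu_2 = \mathcal{L}_\epsilon(e_2)$ and $R = \{(x_1, x_2) : x_1 + k = x_2\}$. Take as witnesses
$$\mu_L(x_1, x_2) = \mu_1(x_1)\cdot[x_2 = x_1 + k], \qquad \mu_R(x_1, x_2) = \mu_2(x_2)\cdot[x_1 = x_2 - k].$$
Both are supported in $R$, and $\pi_1(\mu_L) = \mu_1$, $\pi_2(\mu_R) = \mu_2$, so the first two conditions hold. For the third, on the support the density ratio is
$$\frac{\mu_L(x_1, x_1 + k)}{\mu_R(x_1, x_1 + k)} = \frac{\exp(-\epsilon|x_1 - e_1|)}{\exp(-\epsilon|x_1 + k - e_2|)} \le \exp\big(\epsilon\,|k + e_1 - e_2|\big),$$
because $|x_1 + k - e_2| = |(x_1 - e_1) + (k + e_1 - e_2)| \le |x_1 - e_1| + |k + e_1 - e_2|$. A pointwise density bound integrates to a bound for every $S$, hence
$$\mu_1 \mathrel{R^{\sharp(\epsilon', 0)}} \mu_2 \quad\text{with}\quad \epsilon' = \epsilon\,|k + e_1 - e_2|.$$
Two choices of $k$ matter in practice. With $k = 0$ the support relation is $x_1 = x_2$ and the cost is $\epsilon|e_1 - e_2|$: that is the privacy of the Laplace mechanism for a query of sensitivity $|e_1 - e_2|$, and it is what the composition-style proofs use. With $k = e_2 - e_1$ the cost is $0$ but the coupled samples differ by the shift; couplings of this second kind are what the proofs beyond composition rely on.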

  32. Interpreting judgments
  $\vdash \{\Phi\}\; c_1 \sim_{(\epsilon,\delta)} c_2\; \{\Psi\}$: two memories related by $\Phi$ yield two output distributions related by $\Psi^{\sharp(\epsilon,\delta)}$.

  35. Differential privacy in apRHL
  $$\vdash \{\mathrm{Adj}(d_1, d_2)\}\; c \sim_{(\epsilon,\delta)} c\; \{\mathit{res}_1 = \mathit{res}_2\}$$
  is exactly $(\epsilon, \delta)$-differential privacy.

  37. Proof rules
  Proof rule ≈ recipe to combine couplings.
  Sequence rule ≈ standard composition of privacy:
  $$\frac{\vdash \{\Phi\}\; c_1 \sim_{(\epsilon,\delta)} c_2\; \{\Psi\} \qquad \vdash \{\Psi\}\; c_1' \sim_{(\epsilon',\delta')} c_2'\; \{\Theta\}}{\vdash \{\Phi\}\; c_1; c_1' \sim_{(\epsilon+\epsilon',\,\delta+\delta')} c_2; c_2'\; \{\Theta\}}\;\text{[Seq]}$$

  40. Our work: formal privacy proofs with: accuracy-dependent privacy; advanced composition; adaptive inputs

  41. Accuracy-dependent privacy
  Rough intuition
  ◮ Think of $\delta$ in $(\epsilon, \delta)$-privacy as a failure probability
  ◮ “Algorithm is private except with small probability $\delta$”
  ◮ “If the noise added is not too large, then . . . ”
  Similar to up-to-bad reasoning
  ◮ Common tool in crypto proofs
  ◮ “If the bad event doesn’t happen, then the protocol is safe”

  43. In apRHL: up-to-bad rule
  $$\frac{\vdash \{\Phi\}\; c_1 \sim_{(\epsilon,\delta)} c_2\; \{\neg\Psi\langle 1\rangle \to x_1 = x_2\} \qquad \models m \in \Phi \Rightarrow \Pr_{\llbracket c_1 \rrbracket(m_1)}[\Psi\langle 1\rangle] < \delta'}{\vdash \{\Phi\}\; c_1 \sim_{(\epsilon,\,\delta+\delta')} c_2\; \{x_1 = x_2\}}\;\text{[UtB]}$$
  Notes
  ◮ $\Psi\langle 1\rangle$ is the “bad event”; it only mentions $c_1$
  ◮ If the bad event doesn’t happen, we have privacy
  ◮ Bound the probability of $\Psi$ after $c_1$
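The second premise asks for a concrete bound on the bad event, and for Laplace noise that bound is a one-line tail computation. The derivation below is an added example, not part of the slides; it assumes that $\mathcal{L}_\epsilon(e)$ is Laplace with centre $e$ and scale $1/\epsilon$ (density $\frac{\epsilon}{2}\exp(-\epsilon|x - e|)$), and takes as the bad event "the noise exceeds an accuracy threshold $t$", which is the shape of $\Psi$ in accuracy-dependent arguments.

For $x \overset{\$}{\leftarrow} \mathcal{L}_\epsilon(e)$ and $t \ge 0$,
$$\Pr\big[\,|x - e| \ge t\,\big] = 2 \int_t^\infty \frac{\epsilon}{2}\, e^{-\epsilon u}\, du = e^{-\epsilon t}.$$
So a bad event $\Psi \equiv |x - e| \ge t$ has probability below $\delta'$ exactly when
$$t > \frac{1}{\epsilon}\ln\frac{1}{\delta'},$$
and this $\delta'$ is what [UtB] adds to the index. If the program draws $n$ independent Laplace samples and the bad event is that any of them exceeds $t$, the union bound gives $\Pr[\Psi] \le n\, e^{-\epsilon t}$, so $t = \frac{1}{\epsilon}\ln\frac{n}{\delta'}$ keeps the total failure probability at $\delta'$. The trade-off is visible in the formula: a tighter accuracy threshold $t$ means a larger $\delta'$ added to the privacy guarantee, and vice versa.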

  48. Advanced composition theorem
  Compose $n$ mechanisms, each $(\epsilon, \delta)$-private:
  ◮ Standard composition: $(n \cdot \epsilon,\; n \cdot \delta)$-private
  ◮ Advanced composition: $(\epsilon^*, \delta^*)$-private with $\epsilon^* \approx \sqrt{n} \cdot \epsilon$ and $\delta^* \approx n \cdot \delta + \delta'$
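The two composition results on this page (the standard theorem of slide 10 and the advanced theorem of slide 48) are what a privacy-budget accountant implements, and the difference between them is easy to misjudge from the $\sqrt{n}$ slogan alone. The following accountant is an added example, not code from the slides or from the authors' tooling. The slide gives only the asymptotic shape of the advanced bound; the exact formula used here is the Dwork, Rothblum and Vadhan (2010) statement, $\epsilon^* = \epsilon\sqrt{2n\ln(1/\delta')} + n\epsilon(e^\epsilon - 1)$, $\delta^* = n\delta + \delta'$. The budget values in the demo are illustrative assumptions.

```python
"""Privacy-budget accounting under standard and advanced composition.

Added example, not from the slides.  Standard composition sums the (eps, delta)
of each step and is valid for adaptively chosen steps; advanced composition
(Dwork, Rothblum, Vadhan 2010) trades an extra delta' for an eps that grows
like sqrt(n) instead of n.  Budget values used below are assumptions.
"""
import math
from typing import Dict, Iterable, Tuple

Budget = Tuple[float, float]  # (epsilon, delta)


def sequential_composition(steps: Iterable[Budget]) -> Budget:
    """Standard composition: (eps_1 + eps_2 + ..., delta_1 + delta_2 + ...).
    Steps may have different budgets and may depend on earlier outputs."""
    eps_total, delta_total = 0.0, 0.0
    for eps, delta in steps:
        if eps < 0 or delta < 0:
            raise ValueError("epsilon and delta must be non-negative")
        eps_total += eps
        delta_total += delta
    return eps_total, delta_total


def advanced_composition(n: int, eps: float, delta: float, delta_prime: float) -> Budget:
    """n-fold composition of (eps, delta)-private steps for a chosen delta' in (0, 1).

    eps* = eps * sqrt(2 n ln(1/delta')) + n eps (e^eps - 1),  delta* = n delta + delta'.
    The second term is the price of eps not being small: it grows like n eps^2.
    """
    if n < 1:
        raise ValueError("need at least one step")
    if not 0.0 < delta_prime < 1.0:
        raise ValueError("delta' must lie strictly between 0 and 1")
    eps_star = eps * math.sqrt(2 * n * math.log(1.0 / delta_prime)) \
        + n * eps * (math.exp(eps) - 1.0)
    return eps_star, n * delta + delta_prime


def tightest_budget(n: int, eps: float, delta: float, delta_prime: float) -> Tuple[str, Budget]:
    """Both theorems are valid, so take the one with the smaller epsilon.

    Advanced composition is not always better: for small n its sqrt(2 n ln(1/delta'))
    factor exceeds n, and it always pays the extra delta'.  The caller must also
    be willing to accept delta' itself, which the comparison on epsilon ignores.
    """
    standard = sequential_composition([(eps, delta)] * n)
    advanced = advanced_composition(n, eps, delta, delta_prime)
    if advanced[0] < standard[0]:
        return "advanced", advanced
    return "standard", standard


def demo() -> Dict[str, Tuple[str, Budget]]:
    """100 releases of a 0.1-DP statistic versus a single one, delta' = 1e-5."""
    return {
        "n=1": tightest_budget(1, 0.1, 0.0, 1e-5),
        "n=100": tightest_budget(100, 0.1, 0.0, 1e-5),
    }


if __name__ == "__main__":
    for label, (which, (e, d)) in demo().items():
        print(f"{label}: {which} composition gives eps={e:.3f}, delta={d:g}")
```

For one hundred $0.1$-private steps the standard theorem reports $\epsilon = 10$ while the advanced theorem reports about $5.85$ at the cost of $\delta' = 10^{-5}$; for a single step the advanced bound is roughly five times worse than the trivial one, which is why an accountant should compute both rather than assume the $\sqrt{n}$ form wins.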
